Lessons learnt from recent US Samsung data breach

Chad McDonald, CISO at Radiant Logic, shares his views on the importance of strong Identity Access Management principles after the Samsung US data breach.

Samsung recently confirmed it suffered a data breach which led to the personal information of customers being leaked online.

The company revealed that customer data had been compromised on 4 August, following an apparent security incident in the preceding weeks. It also said that an “unauthorized third party" had acquired information from some of Samsung’s US systems, including names, contact information, dates of birth and product registration details. However, no credit card numbers or social security numbers were breached.

A spokesman said in a statement: "Samsung detected the incident and has taken actions to secure the affected systems. As part of our ongoing investigation, we have engaged a leading outside cybersecurity firm and are coordinating with law enforcement. We are notifying customers to make them aware of this matter.

"At Samsung, we value the trust our customers place in our products and services – trust that we have built up over many years. This is why the security and privacy of our customers’ data is of the utmost importance to us, and our products and services are designed and built with this top of mind."

Failure to manage identity data 

Chad McDonald, CISO at Radiant Logic, says that for many organisations, breaches like this are the result of failing to manage identity data and implement strong Identity Access Management principles.

"It is extremely serious that an unauthorised user was able to get their hands on Samsung customers’ personal information," he said.

"Many organisations suffer from identity sprawl, where identity data is spread across different applications which cannot communicate with each other, which ultimately means that systems - and therefore data - is siloed. This poses a huge security risk, with siloed systems increasing the attack surface of an organisation and creating gaps for threat actors to exploit

"Heavily siloed systems result in organisations failing to build complete and accurate user profiles. Security teams then struggle to properly identify users and give them the correct access, ultimately leading to security breaches such as this one on Samsung.

"Organisations need an Identity Access Management solution which can unify and streamline their identity data to provide complete and accurate user profiles. With complete visibility over systems, security teams are then able to properly track who should be accessing what, therefore reducing the risk of a serious breach," he added. 

What is identity managament?

According to cybersecurity company, VMWare, Identity management (IdM), also known as identity and access management (IAM) ensures that authorised people – and only authorised people – have access to the technology resources they need to perform their job functions. It includes polices and technologies that encompass an organisation-wide process to properly identify, authenticate, and authorise people, groups of people, or software applications through attributes including user access rights and restrictions based on their identities.

An identity management system prevents unauthorised access to systems and resources, helps prevent exfiltration of enterprise or protected data, and raises alerts and alarms when access attempts are made by unauthorized personnel or programs, whether from inside or outside the enterprise perimeter.

Identity management solutions not only protect software and data access, they also protect the hardware resources in an enterprise, such as servers, networks, and storage devices from unauthorised access which could lead to a ransomware attack. Identity management has gained importance over the past decade due to the growing number of global regulatory, compliance, and governance mandates that seek to protect sensitive data from exposure of any kind.

IdM and IAM systems generally are part of IT security and IT Data management within the enterprise, and identity and access management tools are widely available for the broad range of devices that users rely on to perform business functions from phones and tablets to desktop computers running Windows, Linux, iOS or Android.


Share

Featured Articles

How secure is sensitive data stored in the cloud?

A Cloud Security Alliance (CSA) survey has found 67% of organisations store sensitive data in public cloud environments, but how secure is it?

CYBER LIVE LONDON: Day 2 highlights of the hybrid tech show

We take a look at highlights of the different stages at the Tech Live London show, including insights from Claroty, SalesForce and Oracle

TECH LIVE LONDON: An overview of the hybrid technology show

We take a look at the first day of Tech Live London with insights from technology leaders from companies such as IBM, Microsoft and Vodafone

Does a cashless society mean higher risk of fraud?

Cyber Security

5 minutes with Gary Brickhouse, CISO of GuidePoint Security

Cyber Security

CTO at Passbolt explains the importance of password managers

Application Security